{"report_id":"04f22e2e-bf01-4ec6-ba31-ba27d47dde6f","version":0,"status":"done","tags":[],"date":"2026-06-30T21:34:15Z","url":{"schema":"http","addr":"6jw7mfi5.cfd","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":0,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"https","addr":"6jw7mfi5.cfd/","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"title":"健康生活指南","dom":{"size":4730,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2175)","md5":"8018ad29c065209bbbd9cdd99366075c","sha1":"0561901e233d67721327690dc0ce68aab4782357","sha256":"3b1300cb34af091225453e953c0de932ea9a3d7afe7021a1e0d7887bb96fcbc0","sha512":"8fcd44921dbe89f08820b04e5a0d02b7943e3ed9513cd5f0f27b32019ee25b0314850e941a03f41d0e11123cee9235ddf41db62cb8be8779ef6698387ce22766","ssdeep":"48:p8NQGDcQWzAdPuparrFhYJ2tbirSUk4T3hAfBuh4bC4Iw44gip47bWMGuQKZ:pJUPu2RUnrSUVyq9Z77bx","tlshash":"c8a11f2130d079e6417785e292e97e5d68c3f32bc4880440f9be59a90ff5debb862237","dom_hash":"domhash58add80ad5fd0b564d61b9d0098944a1","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"6jw7mfi5.cfd","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":0,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-04T21:34:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"www.baidu.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"1999-10-11","domain_rank":6810,"first_seen":"2017-01-30T06:01:42Z","last_seen":"2026-06-29T04:04:35.705685Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":488,"comment":"","tags":null,"fingerprints":null},{"fqdn":"6jw7mfi5.cfd","ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"domain_registered":"2026-06-29","domain_rank":0,"first_seen":"2026-06-30T17:29:55.371925Z","last_seen":"2026-06-30T17:29:55.371925Z","alert_count":14,"request_count":7,"received_data":1214613,"sent_data":3288,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/index-CWgog42l.js","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"b303b2ad297a274dcc3342aa5ea89036","sha1":"3801e2940f1ac8e8b0c4bf20ef6847d9a0d75eb6","sha256":"b228ea129cbc5650fc56fd34a5d0dfbdb613bc147acb9d0d432100c3c0979c0a","sha512":"a268b858057b3214390833da3150f33c8ef0cf40360d8b261ab29f1dec993934c1d5cf10c81652c7c92dbce71df8a4aac7377228565c45e1653906c571df390c","ssdeep":"3072:YWZDBqQ9wDdnjYvvno5AUGsBcpNzl4t/cZRWhsAMO+HOV:3DBqDDdjYY5AUGsg+/hsAM9HOV","tlshash":"c3344ce97382f06153a749ea407b4402f33e6915344ec4d4f26ae8da3c6658e91b7f3e","size":240049,"data":"","first_seen":"2026-06-30T17:29:58.780698Z","last_seen":"2026-06-30T21:34:17.77215Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/test-DWi2ZmUG.js","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"4b14bfb80ac33e8620c240e15828c7ea","sha1":"da2bdbb9e1d581e134eab72ab3fcf835c83d40cf","sha256":"948df6a523e53937e9d76692376ea3b1fef3d00e202255be14d9f9cd29f2c326","sha512":"3e5191741b613b50d74e7b0ca0448a855897618c693cf5968990a56acd7988b8cee4fbbd16d4e11cf94a09781aa708e78b4f20342ba8c2bae7c72e2515a04e16","ssdeep":"6144:QiApxfTSWO8xrYv9sKDgXuRgIJ9yUckd2/Bl1u66hv:KeWbO9PQuRg3UckdEByzv","tlshash":"52843c997691b02143a355e5506f100af33c1e1a780d84e4f269fcf67dba9ca927bf38","size":405314,"data":"","first_seen":"2026-06-30T17:29:58.776824Z","last_seen":"2026-06-30T21:34:17.768727Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/test-DWi2ZmUG.js","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://6jw7mfi5.cfd/","date":"2026-06-30T21:33:51.924Z","timestamp":1782855231924,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET /assets/test-DWi2ZmUG.js HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://6jw7mfi5.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:52 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 138334\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-21c5e\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":405314,"size_decoded":138812,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (54120)","md5":"4b14bfb80ac33e8620c240e15828c7ea","sha1":"da2bdbb9e1d581e134eab72ab3fcf835c83d40cf","sha256":"948df6a523e53937e9d76692376ea3b1fef3d00e202255be14d9f9cd29f2c326","sha512":"3e5191741b613b50d74e7b0ca0448a855897618c693cf5968990a56acd7988b8cee4fbbd16d4e11cf94a09781aa708e78b4f20342ba8c2bae7c72e2515a04e16","ssdeep":"6144:QiApxfTSWO8xrYv9sKDgXuRgIJ9yUckd2/Bl1u66hv:KeWbO9PQuRg3UckdEByzv","tlshash":"52843c997691b02143a355e5506f100af33c1e1a780d84e4f269fcf67dba9ca927bf38","first_seen":"2026-06-30T17:29:58.776824Z","last_seen":"2026-06-30T21:34:17.768727Z","times_seen":2,"resource_available":true,"data":null}},"time_used":457,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":310,"receive":147,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/test-BuC74uMB.css","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://6jw7mfi5.cfd/","date":"2026-06-30T21:33:51.926Z","timestamp":1782855231926,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET /assets/test-BuC74uMB.css HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://6jw7mfi5.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:52 GMT\r\ncontent-type: text/css\r\ncontent-length: 10341\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-2865\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":52119,"size_decoded":10803,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (52110)","md5":"d51bedf05c0a177f6790e536ea7ad7c8","sha1":"1a407ee024bf6c8a5b781d9e5e9e82d9a50b5e49","sha256":"3154fc7063765f192712232f6348c674bfecad3df5263e36388b3c62b5aca1a3","sha512":"ad48ff83bb1d86a2c70363805e65573d818aa3bee33aa7d661e1ce88552d0b84fc0b8ff8e541b457966e456e68b22834e1a7d71ebbe754ecbf6c60e9ca5ffba3","ssdeep":"768:/2gVLTSiW+kk7W5TKW12XdGWEwbvFanvURxRUuqek:eaTSiW+kkNW12XdGWEw+vURxR3qD","tlshash":"1733b81ab7486539be3be1ac6bc5d9e8b238ea53cd024395fa00711049c36f73663f65","first_seen":"2026-06-30T17:29:58.77781Z","last_seen":"2026-06-30T21:34:17.769432Z","times_seen":2,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":454,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/favicon.ico","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://6jw7mfi5.cfd/","date":"2026-06-30T21:33:52.131Z","timestamp":1782855232131,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://6jw7mfi5.cfd/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:52 GMT\r\ncontent-type: text/html\r\ncontent-length: 542\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-21e\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1311,"size_decoded":1002,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"0a8af58d5ebb12f65b9db15cb0483a11","sha1":"558db602962689562c16a01712e2a052ff2ff7d4","sha256":"6f4c35f1818c8cb0eac6ce49b7afb6cd161393a9ddb1925a6b142e3d44d13642","sha512":"088ff6833588ce94e0f3201143a6dceb1936ec627b9f548475f37941ac73ff49fd4bc656635a60fdf9bd45cc6216a527a8553a7cf7cd56ed3337b80aca662396","ssdeep":"","tlshash":"16213b9328f09d2e623187306aeaf1018e519a97d3185c98f09d74ee4fd4f84cedb2b5","first_seen":"2026-06-30T17:29:58.778727Z","last_seen":"2026-06-30T21:34:17.770135Z","times_seen":2,"resource_available":true,"data":null}},"time_used":294,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":294,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/element-icons-B-tDfklg.woff","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://6jw7mfi5.cfd/","date":"2026-06-30T21:33:52.508Z","timestamp":1782855232508,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET /assets/element-icons-B-tDfklg.woff HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://6jw7mfi5.cfd/assets/index-Cv2utsCn.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:52 GMT\r\ncontent-type: font/woff\r\ncontent-length: 28200\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-6e28\"\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28200,"size_decoded":28639,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 28200, version 1.0","md5":"535877f50039c0cb49a6196a5b7517cd","sha1":"0000c4e27d38f9f8bbe4e58b5ce2477e589507a7","sha256":"ab40a58972be2ceab32e7e35dab3131b959aae63835d7bda1a79ae51f9a73c17","sha512":"da269b20f13fb5b0bb4628b75ec29e69bb2d36999e94b61a846cb58db679287a13d0aa38cdf64b2893558d183c4cc5df8da770e5a5b2a3288622cd4bd0e1c87b","ssdeep":"768:gOvv6ExpCVxUtrT6w8ClFd80EjPVerMKBaGXjAlEm:Hvv6xVWewtlFdGjPlkFjAlEm","tlshash":"b9c2e13197213ae9d9824ef876e498fef1651402290f390e8696adb3a98d5c73e16831","first_seen":"2023-04-05T15:22:49Z","last_seen":"2026-06-30T21:34:17.771021Z","times_seen":26480,"resource_available":false,"data":null}},"time_used":320,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":305,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.baidu.com/","fqdn":"www.baidu.com","domain":"baidu.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T21:34:01.483Z","timestamp":1782855241483,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: www.baidu.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-01T02:18:57.848353Z","times_seen":16876937,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-30T21:33:48.543Z","timestamp":1782855228543,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:50 GMT\r\ncontent-type: text/html\r\ncontent-length: 542\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-21e\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1311,"size_decoded":1002,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"0a8af58d5ebb12f65b9db15cb0483a11","sha1":"558db602962689562c16a01712e2a052ff2ff7d4","sha256":"6f4c35f1818c8cb0eac6ce49b7afb6cd161393a9ddb1925a6b142e3d44d13642","sha512":"088ff6833588ce94e0f3201143a6dceb1936ec627b9f548475f37941ac73ff49fd4bc656635a60fdf9bd45cc6216a527a8553a7cf7cd56ed3337b80aca662396","ssdeep":"","tlshash":"16213b9328f09d2e623187306aeaf1018e519a97d3185c98f09d74ee4fd4f84cedb2b5","first_seen":"2026-06-30T17:29:58.778727Z","last_seen":"2026-06-30T21:34:17.770135Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1803,"timings":{"blocked":-1,"dns":642,"connect":297,"send":0,"wait":293,"receive":8,"ssl":563},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/index-CWgog42l.js","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://6jw7mfi5.cfd/","date":"2026-06-30T21:33:50.590Z","timestamp":1782855230590,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET /assets/index-CWgog42l.js HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://6jw7mfi5.cfd/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:50 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 83607\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-14697\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":240049,"size_decoded":84084,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (39084)","md5":"b303b2ad297a274dcc3342aa5ea89036","sha1":"3801e2940f1ac8e8b0c4bf20ef6847d9a0d75eb6","sha256":"b228ea129cbc5650fc56fd34a5d0dfbdb613bc147acb9d0d432100c3c0979c0a","sha512":"a268b858057b3214390833da3150f33c8ef0cf40360d8b261ab29f1dec993934c1d5cf10c81652c7c92dbce71df8a4aac7377228565c45e1653906c571df390c","ssdeep":"3072:YWZDBqQ9wDdnjYvvno5AUGsBcpNzl4t/cZRWhsAMO+HOV:3DBqDDdjYY5AUGsg+/hsAM9HOV","tlshash":"c3344ce97382f06153a749ea407b4402f33e6915344ec4d4f26ae8da3c6658e91b7f3e","first_seen":"2026-06-30T17:29:58.780698Z","last_seen":"2026-06-30T21:34:17.77215Z","times_seen":2,"resource_available":true,"data":null}},"time_used":944,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":402,"receive":542,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"6jw7mfi5.cfd/assets/index-Cv2utsCn.css","fqdn":"6jw7mfi5.cfd","domain":"6jw7mfi5.cfd","tld":"cfd"},"ip":{"addr":"137.220.137.102","port":443,"asn":152194,"as":"CTG Server Limited","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://6jw7mfi5.cfd/","date":"2026-06-30T21:33:50.591Z","timestamp":1782855230591,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"9e851c5e.cfd","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Sun, 28 Jun 2026 23:19:51 GMT","end":"Sat, 26 Sep 2026 23:19:50 GMT"},"fingerprint":{"sha1":"F0:74:81:C3:6D:62:E8:27:E7:1D:C2:A8:EB:42:83:26:8D:3C:4C:A9","sha256":"23:B8:77:0D:E6:24:FD:52:47:8C:A0:29:72:D1:03:AE:59:20:40:FD:BE:1A:BA:9C:82:C3:32:39:9C:89:7E:4D"}}},"request":{"raw":"GET /assets/index-Cv2utsCn.css HTTP/1.1\r\nHost: 6jw7mfi5.cfd\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://6jw7mfi5.cfd/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Tue, 30 Jun 2026 21:33:50 GMT\r\ncontent-type: text/css\r\ncontent-length: 96531\r\nlast-modified: Tue, 30 Jun 2026 11:41:09 GMT\r\netag: \"6a43ab55-17913\"\r\ncontent-encoding: gzip\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":483070,"size_decoded":96994,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (65018), with no line terminators","md5":"31a30ca8367c2add81657b1da865d58d","sha1":"2db436cca58fa7a79953db42772a03710d835f89","sha256":"4ad40341c6805793eb62d4291df4d8412d5df9258d5f71a24d02adaee568e3c7","sha512":"18ba9167243f9c35caf81eff537fe73d4c4299309c2f914c26a1af3d4ce5882b52c935ecd7bff823c75ee0dce0dde080277c4ff7c9b5d98cd4d9bf7a045f85ca","ssdeep":"6144:Xnxsabp6xbnFSaBMa8R8S9kXQW3KjhfsDpNTTA2lwIuLi+54DcIxW/z7g3WagMXd:Xn1tomN+","tlshash":"2ca41a50f753557f2927d67caec0ea996f14ee91c81257b2f640b00899c7ae102e3e3e","first_seen":"2026-06-30T17:29:58.775735Z","last_seen":"2026-06-30T21:34:17.772699Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1265,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":943,"receive":322,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-06-30","alert":"Sinkholed","trigger":"6jw7mfi5.cfd","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
